In this post series, we will study the Lightweight Directory Access Protocol (LDAP): a protocol developed in the 90s to be an open, simpler alternative to other directory protocols. We will also talk about Active Directory (Microsoft's LDAP implementation with extra features) and how to use it as an authentication mechanism.

For the purposes of this post, we will focus on the generic LdapConnection API. In the next post, we will take a look at the Active Directory specific PrincipalContext API. Get the full code and read on!

What is LDAP?

LDAP is a protocol that defines a series of operations through which you can access information that is part of a directory. A directory is a tree containing a set of attributes associated with a unique identifier (or primary key). If you are familiar with document-based databases, this may sound familiar. This means that LDAP is perfectly suited to be a user information database. Even though most of the time it is used as a user directory, LDAP can also work as a generic information sharing service.

One common use of LDAP is as part of single-sign-on (SSO) systems. If you are not familiar with SSO, read our introduction to SSO. The following diagram shows how a simple SSO system can work using LDAP. The diagram shows a simplified Microsoft Active Directory configuration using LDAP.

Active Directory stores user information in an LDAP server. When users attempt to log in to their Windows PC, Windows validates the login information against the LDAP/Active Directory server. Whenever a user tries to do something that requires authentication, an application can use information from the Active Directory server to validate the user's identity. Of course, if SSO is not required, Active Directory can also be used as a simple authentication mechanism.

The best way to understand a protocol is to get your hands a bit dirty and learn its inner workings. Fortunately, barring binary encoding details and other low-level stuff, LDAP is a fairly simple protocol. LDAP defines a series of operations that are available to clients. Clients can connect to two types of servers:

- Directory System Agent (DSA): a server which allows LDAP operations.
- Global Catalog: a special type of server that stores reduced sets of replicated information from DSAs to speed up searches.
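As an added example (not code from the original post), the simple-authentication use of Active Directory described above can be written with the generic LdapConnection API: look up the user's entry with a service account, then bind as that user. The host name, base DN, service account and the `sAMAccountName` lookup attribute are assumptions.

```csharp
using System.DirectoryServices.Protocols;
using System.Net;
using System.Text;
public static class LdapAuthExample
{
    // Assumed placeholders, not values from the post.
    const string Host = "ldap.example.com";
    const string BaseDn = "dc=example,dc=com";

    // RFC 4515 escaping so a user name cannot change the meaning of the search filter.
    static string EscapeFilter(string s)
    {
        var sb = new StringBuilder();
        foreach (char c in s)
            sb.Append("\\*()\0".IndexOf(c) >= 0 ? "\\" + ((int)c).ToString("x2") : c.ToString());
        return sb.ToString();
    }

    // Opens an LDAPS connection and performs a simple bind; throws LdapException on failure.
    static LdapConnection Connect(string dn, string password)
    {
        var conn = new LdapConnection(new LdapDirectoryIdentifier(Host, 636));
        conn.SessionOptions.ProtocolVersion = 3;
        conn.SessionOptions.SecureSocketLayer = true; // a simple bind sends the password as-is
        conn.AuthType = AuthType.Basic;
        try { conn.Bind(new NetworkCredential(dn, password)); return conn; }
        catch { conn.Dispose(); throw; }
    }

    public static bool Authenticate(string svcDn, string svcPassword, string userName, string password)
    {
        // A bind with a DN and an empty password is an "unauthenticated bind"
        // (RFC 4513, section 5.1.2) that a server may accept, so reject it up front.
        if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrEmpty(password)) return false;
        try
        {
            string userDn;
            using (var svc = Connect(svcDn, svcPassword))
            {
                var req = new SearchRequest(BaseDn, "(sAMAccountName=" + EscapeFilter(userName) + ")",
                                            SearchScope.Subtree, "distinguishedName");
                var res = (SearchResponse)svc.SendRequest(req);
                if (res.Entries.Count != 1) return false; // unknown or ambiguous user
                userDn = res.Entries[0].DistinguishedName;
            }
            using (Connect(userDn, password)) return true; // the user's own bind is the credential check
        }
        catch (LdapException e) when (e.ErrorCode == 49) { return false; } // 49 = invalidCredentials
    }
}
```

Any other LdapException (for example, server unavailable) propagates to the caller, so an outage is never reported as a successful or merely failed login.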